Unrated severityNVD Advisory· Published Mar 8, 2022· Updated Apr 23, 2025
Path traversal in Icinga Web 2
CVE-2022-24716
Description
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including icingaweb2 configuration files with database credentials. This issue has been resolved in versions 2.9.6 and 2.10 of Icinga Web 2. Database credentials should be rotated.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <2.9.6 && <2.10
- Range: >= 2.9.0, < 2.9.6
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.